A Chat with datree about Node.js, the GitOps Movement and the Future of Software Development

We sat down with the team at datree to talk about why they joined the Node.js Foundation and how Node.js and the community fit within the GitOps movement.

You are a new startup. What is datree and how can you help developers in the Node.js community?

Datree is a Git-level policy engine that keeps growing DevOps teams safe. It lets companies mitigate the security risks of fast-moving DevOps culture, and increases collaboration between Security teams and DevOps. With datree, DevOps leaders can accelerate the delivery of quality software, with confidence in their software quality and operational simplicity.

We’re based in San Francisco and Tel Aviv. datree was developed for developers by developers. We started datree in September 2017, with a clear mission to change the way DevOps organizations scale.

Datree was founded because software development has changed drastically over the last few years. Companies are codifying everything nowadays. YAML files are now “first class citizens,” and Git has become the single source of truth. Everything is managed and operated by pull requests. Many companies are doing GitOps without even realizing it.

Datree can help the Node.js community to focus on the code, minimizing the overhead of internal package management and encouraging the implementation of Node.js development best-practices.

Recently, we also introduced the datree GitHub report, a SaaS-based tool to help devs stay up-to-date with GitHub best practices.

Why did you decide to join the Node.js Foundation?

Well, first off we’re a Node.js shop! Node.js helps power datree so we have a big stake in its future.

Secondly, we’re a customer-centric company. Before we wrote a single line of a code we interviewed 40+ customers. In order to solve real problems and constantly evolve, you need to stay involved in developer communities. Joining the Foundation helps us stay plugged into the Node.js community. We believe that staying plugged into the community will help us to stay close to our customers and what they need. It’s always day one!

Your company helps companies create a set of policies for their applications and apply them to GitHub before a commit goes live. How will this will benefit Node.js projects?

Companies will be able to codify their existing policies and post-mortem incident reports and use this to validate every single pull request. We also provide built-in rules for Node.js. For example, “pinning dependencies” to define explicit versions of software your application depends on. Without “freezing” dependencies, we run the risk of executing different software between development and production environments. With datree, you can get a report of all existing projects with “unpinned dependencies” and prevent future misconfigured pull requests from merging.

How might the GitOps movement impact companies using Node.js?

GitOps helps companies to move faster, safer and be more collaborative. There is great alignment between Node.js, microservices, cloud native applications and GitOps. This combination will improve developer productivity even more.

How do you see Node.js fitting within the GitOps movement?

Microservices, Kubernetes and serverless are the main amplifiers of GitOps, and Node.js has become the runtime of choice for cloud-native applications. We see the rapid growth of Node.js across all of our customers. According to the 2018 Node.js User Survey Report the usage continues to grow rapidly, with over 3/4 of participants expecting to expand their use of Node.js in 2019. We believe that the number of Node.js tools and applications for GitOps will continue to grow.

How did you first hear about the Node.js Foundation?

We’ve been familiar with the Node.js Foundation since its inception in 2015. Node.js has been the programing language of choice for many of us for years. When we started datree we immediately thought about joining the Node.js Foundation, especially because we were using Node.js so much in datree.